ZwX

44 exploits Active since Dec 2019
CVE-2023-2215 NOMISEC MEDIUM WORKING POC
Coffee Shop Pos System - SQL Injection
A vulnerability classified as critical has been found in Campcodes Coffee Shop POS System 1.0. Affected is an unknown function of the file /admin/user/manage_user.php. The manipulation of the argument id leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226980.
4 stars
CVSS 6.3
CVE-2023-21887 NOMISEC MEDIUM WORKING POC
Oracle MySQL <8.0.31 - DoS
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
2 stars
CVSS 4.9
CVE-2023-46805 VULNCHECK_XDB HIGH WORKING POC
Ivanti Connect Secure Unauthenticated Remote Code Execution
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks.
CVSS 8.2
CVE-2024-21887 VULNCHECK_XDB CRITICAL WORKING POC
Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) - Command Injection
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
CVSS 9.1
CVE-2019-25350 EXPLOITDB HIGH python WORKING POC
XMedia Recode 3.4.8.6 - DoS
XMedia Recode 3.4.8.6 contains a denial of service vulnerability that allows attackers to crash the application by loading a specially crafted .m3u playlist file. Attackers can create a malicious .m3u file with an oversized buffer to trigger an application crash when the file is opened.
CVSS 7.5
CVE-2020-37193 EXPLOITDB HIGH python WORKING POC
ZIP Password Recovery 2.30 - DoS
ZIP Password Recovery 2.30 contains a denial of service vulnerability that allows attackers to crash the application by providing maliciously crafted input. Attackers can create a specially prepared text file with specific characters to trigger an application crash when selecting a ZIP file.
CVSS 7.5
CVE-2020-37192 EXPLOITDB MEDIUM text WORKING POC
MSN Password Recovery 1.30 - Info Disclosure
MSN Password Recovery 1.30 contains an XML external entity injection vulnerability that allows attackers to read local system files through crafted XML input. Attackers can exploit the 'Favorites' tab by injecting a malicious XML file that references external entities to retrieve sensitive system configuration information.
CVSS 6.2
CVE-2020-37162 EXPLOITDB CRITICAL python WORKING POC
Wedding Slideshow Studio <1.36 - Buffer Overflow
Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability in the registration key input that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious payload of 1608 bytes to trigger a stack-based buffer overflow and execute commands through the registration key field.
CVSS 9.8
CVE-2020-37161 EXPLOITDB CRITICAL python WORKING POC
Wedding Slideshow Studio 1.36 - RCE
Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the registration name field with a malicious payload. Attackers can craft a specially designed payload to trigger remote code execution, demonstrating the ability to run system commands like launching the calculator.
CVSS 9.8
CVE-2020-37102 EXPLOITDB HIGH text WORKING POC
Adaware Web Companion 4.9.2159 - Code Injection
Adaware Web Companion 4.9.2159 contains an unquoted service path vulnerability in the WCAssistantService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges during service startup.
CVSS 7.8
CVE-2019-25344 EXPLOITDB HIGH text WORKING POC
Wondershare MobileGo 8.5.0 - Privilege Escalation
Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators group with full system access.
CVSS 7.8
CVE-2019-25340 EXPLOITDB HIGH python WORKING POC
SpotAuditor 5.3.2 - DoS
SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application crash when pasted into the Base64 Encrypted Password field.
CVSS 7.5
CVE-2019-25336 EXPLOITDB HIGH python WORKING POC
SpotAuditor 5.3.2 - Buffer Overflow
SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured Exception Handler (SEH) overwrite and execute shellcode on the vulnerable system.
CVSS 8.4
CVE-2019-25331 EXPLOITDB HIGH python WORKING POC
AVS Audio Converter 9.1 - Buffer Overflow
AVS Audio Converter 9.1 contains a local buffer overflow vulnerability that allows local attackers to overwrite CPU registers by manipulating the 'Exit folder' input field. Attackers can craft a specially designed text file with 264 bytes of padding followed by register overwrite values to compromise the application and potentially execute arbitrary code.
CVSS 8.4
CVE-2019-25318 EXPLOITDB HIGH python WORKING POC
AVS Audio Converter <9.1.2.600 - Code Injection
AVS Audio Converter 9.1.2.600 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by manipulating the output folder text input. Attackers can craft a malicious payload that overwrites stack memory and triggers a bind shell on port 9999 when the 'Browse' button is clicked.
CVSS 8.8
CVE-2019-25275 EXPLOITDB HIGH text WORKING POC
BartVPN 1.2.2 - Code Injection
BartVPN 1.2.2 contains an unquoted service path vulnerability in the BartVPNService that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path by placing malicious executables in specific file system locations to hijack the service's execution context.
CVSS 7.8
CVE-2019-25274 EXPLOITDB HIGH text WRITEUP
ProShow Producer 9.0.3797 - Code Injection
ProShow Producer 9.0.3797 contains an unquoted service path vulnerability in the ScsiAccess service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges during service startup.
CVSS 7.8
CVE-2019-25271 EXPLOITDB HIGH text WORKING POC
NETGATE Data Backup 3.0.620 - Code Injection
NETGATE Data Backup 3.0.620 contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific directory locations.
CVSS 7.8
CVE-2019-25269 EXPLOITDB HIGH text WRITEUP
Amiti Antivirus <25.0.640 - Code Injection
Amiti Antivirus 25.0.640 contains an unquoted service path vulnerability in its Windows service configurations. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges by placing executable files in specific directory locations.
CVSS 7.8
CVE-2019-19490 EXPLOITDB HIGH text WORKING POC
LiteManager 4.5.0 - Info Disclosure
LiteManager 4.5.0 has weak permissions (Everyone: Full Control) in the "LiteManagerFree - Server" folder, as demonstrated by ROMFUSClient.exe.
CVSS 7.3
EIP-2026-119462 EXPLOITDB python WORKING POC
Clone2Go Video to iPod Converter 2.5.0 - Denial of Service (PoC)
EIP-2026-119660 EXPLOITDB text WORKING POC
Microsoft Visual Basic 2010 Express - XML External Entity Injection
EIP-2026-117920 EXPLOITDB python WORKING POC
Socusoft Photo to Video Converter 8.07 - 'Registration Name' Buffer Overflow
EIP-2026-117919 EXPLOITDB python WORKING POC
Socusoft Photo to Video Converter 8.07 - 'Registration Name' Buffer Overflow
EIP-2026-117819 EXPLOITDB python WORKING POC
R 3.4.4 - Buffer Overflow (SEH)